会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 2. 发明申请
    • IP ADDRESS DELEGATION
    • IP地址代理
    • WO2009109221A1
    • 2009-09-11
    • PCT/EP2008/052634
    • 2008-03-04
    • TELEFONAKTIEBOLAGET LM ERICSSON (publ)CAMARILLO, GonzaloNIKANDER, Pekka
    • CAMARILLO, GonzaloNIKANDER, Pekka
    • H04L29/06H04L29/12
    • H04L63/0823G06F21/33H04L9/3263H04L29/1232H04L29/12801H04L29/12915H04L61/2092H04L61/6004H04L61/6059
    • A method of verifying a request made in respect of an IPv6 address comprising a network routing prefix and a cryptographically generated Interface Identifier. The request includes a delegation certificate containing at least a public key of said host, one or more further parameters or a formula or formulae for generating one or more further parameters, a specification of a range or set of IPv6 network routing prefixes, an identity of a delegated host, and a digital signature taken over at least said identity and said specification of a range or set of IPv6 network routing prefixes using a private key associated with said public key. The method comprises verifying that said network routing prefix of said IPv6 address is contained within said specification, verifying that said public key and said further parameter(s) can be used to generate said cryptographically generated Interface Identifier, and verifying said signature using said public key.
    • 一种验证关于包括网络路由前缀和密码生成的接口标识符的IPv6地址的请求的方法。 该请求包括至少包含所述主机的公开密钥的委托证书,一个或多个其他参数或用于生成一个或多个其他参数的公式或公式,IPv6网络路由前缀的范围或集合的规范, 授权主机以及使用与所述公共密钥相关联的私钥的至少所述身份和所述IPv6网络路由前缀的范围或集合的规范的数字签名。 该方法包括验证所述IPv6地址的所述网络路由前缀是否包含在所述规范内,验证所述公开密钥和所述另外的参数可以用于生成所述加密生成的接口标识符,并且使用所述公共密钥验证所述签名 。
    • 4. 发明申请
    • HOST IDENTITY PROTOCOL METHOD AND APPARATUS
    • 主机标识协议方法和设备
    • WO2006133740A1
    • 2006-12-21
    • PCT/EP2005/052839
    • 2005-06-17
    • OY LM ERICSSON ABNIKANDER, Pekka
    • NIKANDER, Pekka
    • H04L29/06
    • H04L63/0442H04L63/08H04L63/12
    • A modified Host Identity Protocol, HIP, base exchange method is provided for use by first and second HIP hosts (Initiator and Responder) having a shared state from a pre- existing relationship. In the modified HIP base exchange method, an authentication message (I2') is sent (S2) from the first host (Initiator) to the second host (Responder) comprising an identifier (HITI) of the first host (Initiator) and a cryptographic item (PF). The authentication message (I2') is received (S3) at the second host (Responder). Following receipt, the identifier and information relating to the shared state are used (S4) to authenticate the cryptographic item (PF). If the cryptographic item, and the rest of the authentication message, is authenticated, a confirmation message (R2') is sent from the second host (Responder) to the first host (Initiator) to indicate successful authentication. These two messages (I2' and R2') are equivalent to the I2 and R2 messages of the standard HIP base exchange protocol, and the requirement for the I1 and R1 messages from the standard HIP base exchange protocol is eliminated.
    • 提供修改的主机身份协议HIP基本交换方法,用于具有来自预先存在的关系的共享状态的第一和第二HIP主机(发起者和响应者)使用。 在经修改的HIP基本交换方法中,从第一主机(发起方)向第二主机(响应者)发送认证消息(I2')(S2),包括第一主机(发起方)的标识符(HITI) 项目(PF)。 在第二主机(响应者)处接收认证消息(I2')(S3)。 在接收之后,使用与共享状态相关的标识符和信息(S4)来验证密码项(PF)。 如果加密项目和认证消息的其余部分被认证,则从第二主机(响应器)向第一主机(发起方)发送确认消息(R2')以指示成功认证。 这两个消息(I2'和R2')等同于标准HIP基本交换协议的I2和R2消息,并且消除了来自标准HIP基本交换协议的对于I1和R1消息的要求。
    • 6. 发明申请
    • METHOD AND SYSTEM FOR PERFORMING ELECTRONIC MONEY TRANSACTIONS
    • 执行电子货币交易的方法和系统
    • WO1998026381A1
    • 1998-06-18
    • PCT/FI1997000780
    • 1997-12-12
    • NIXU OYNIKANDER, Pekka
    • NIXU OY
    • G07F07/10
    • H04L63/0281G06Q20/02G06Q20/04G06Q20/065G06Q20/0855G06Q20/10G06Q20/102G06Q20/12G06Q20/16G06Q20/24G06Q20/32G06Q20/363G06Q20/381G07F7/0866H04L67/28H04L67/2823H04L67/327H04L2463/102H04M15/68H04M2215/0196
    • The present invention relates to electronic monetary systems in general, and in particular to measures for making their use easier for an average user. The present invention is based on the idea that the use of electronic money is greatly simplified for a non-expert user, if the Internet Service Provider of the user takes care of the payments, and adds corresponding charges on the user's telephone bill. Such functionality requires the intervention of the ISP in the transmissions between a user and a third party, i.e. intercepting the electronic payment requests sent by a merchant. According to the present invention, the ISP uses electronic money on behalf of the user, and charges the payments on the user's telephone bill. The ISP can take care of all technical details necessary for obtaining different forms of electronic money in a centralized manner, and all users of the ISP can use the electronic money obtained by the ISP simply by allowing the ISP to add corresponding charges to their telephone bills. Further, the ISP can obtain all major forms of electronic money, whereafter a user can choose the most economical way of payment, if a merchant accepts payments in more than one form of electronic money.
    • 本发明一般涉及电子货币系统,特别涉及一般使用者使其更容易使用的措施。 本发明基于以下思想:如果用户的因特网服务提供商负责支付,并且在用户的电话账单上增加相应的费用,则非专业用户大大简化了电子货币的使用。 这样的功能需要ISP在用户和第三方之间的传输中的干预,即拦截商家发送的电子支付请求。 根据本发明,ISP代表用户使用电子货币,并对用户电话账单支付费用。 互联网服务提供商可以全面掌握以集中的方式获取不同形式的电子货币所需的所有技术细节,ISP的所有用户都可以使用ISP获取的电子货币,只需通过允许ISP将相应的费用加入电话账单 。 此外,ISP可以获得所有主要形式的电子货币,之后如果商家以多种形式的电子货币接受付款,则用户可以选择最经济的付款方式。
    • 7. 发明申请
    • METHOD AND APPARATUS FOR INTERWORKING WITH SINGLE SIGN-ON AUTHENTICATION ARCHITECTURE
    • 用于与单一标识认证架构交互的方法和装置
    • WO2011128183A2
    • 2011-10-20
    • PCT/EP2011/054303
    • 2011-03-22
    • TELEFONAKTIEBOLAGET L M ERICSSON (PUBL)NIKANDER, PekkaEKDAHL, PatrikLEHTOVIRTA, VesaNORRMAN, KarlWIFVESSON, Monica
    • NIKANDER, PekkaEKDAHL, PatrikLEHTOVIRTA, VesaNORRMAN, KarlWIFVESSON, Monica
    • H04L29/06
    • H04L63/0815H04L63/0853H04L63/18H04W12/06
    • A method is provided for use in interworking a single sign-on authentication architecture and a further authentication architecture in a split terminal scenario. The split terminal scenario is one in which authentication under the single sign-on authentication architecture is required of a browsing agent (8) being used to access a relying party and in response, due to the interworking in the split terminal scenario, an associated authentication under the further authentication architecture is performed in relation to a separate authentication agent (7). A controlling agent (4) sends (C3) a token to the authentication agent (7). The controlling agent (4) sends (C4) a request to the browsing agent (8) to return a token for comparing with the token sent to the authentication agent (7). The controlling agent (4) waits (C6) for the authentication agent (7) or a user of the authentication agent (7) to communicate (A2) the received token to the browsing agent (8) via a secure and/or trusted channel and for the browsing agent (8), in response to the earlier received request, to forward (B4) the token to the controlling agent (4). The controlling agent (4) receives (C7) the token from the browsing agent (8). The controlling agent (4) compares (C10) the received token with the token sent to the authentication agent (7) to determine whether the authentication agent (7) is authorised to perform authentication on behalf of the browsing agent (8) and/or whether the browsing agent (8) is authorised to act as a representative for the authentication agent (7). The controlling agent (4) authenticates (C11) the browsing agent (8) to the relying party based on the associated authentication performed in relation to the authentication agent (7) if it is determined in the comparing step (C10) that the authentication agent (7) and/or browsing agent (8) is so authorised.
    • 提供了一种用于在分离终端场景中互通单一登录认证架构和另外的认证架构的方法。 分裂终端场景是其中需要用于访问依赖方的浏览代理(8)的单点登录认证体系结构下的认证,并且由于分裂终端场景中的互通,相关联的认证 在另外的认证体系结构下相对于单独的认证代理(7)执行。 控制代理(4)向认证代理(7)发送(C3)令牌。 控制代理(4)向浏览代理(8)发送(C4)请求以返回与发送给认证代理(7)的令牌进行比较的令牌。 控制代理(4)等待认证代理(7)的认证代理(7)或认证代理(7)的用户通过安全和/或受信任的信道将接收的令牌(A2)通信(A2)到浏览代理(8) 并且对于浏览代理(8),响应于较早接收到的请求,将令牌转发(B4)到控制代理(4)。 控制代理(4)从浏览代理(8)接收(C7)令牌。 控制代理(4)将接收的令牌(C10)与发送给认证代理(7)的令牌进行比较(C10),以确定认证代理(7)是否被授权代表浏览代理(8)执行认证和/或 浏览代理(8)是否被授权充当认证代理(7)的代表。 如果在比较步骤(C10)中确定认证代理(7)确定了相对于认证代理(7)执行的关联认证,则控制代理(4)将浏览代理(8)认证给依赖方(C11) (7)和/或浏览代理(8)被授权。
    • 10. 发明申请
    • FAST NETWORK ATTACHMENT
    • 快速网络连接
    • WO2006018045A1
    • 2006-02-23
    • PCT/EP2004/051871
    • 2004-08-20
    • TELEFONAKTIEBOLAGET LM ERICSSON (PUBL)ARKKO, JariNIKANDER, Pekka
    • ARKKO, JariNIKANDER, Pekka
    • H04L12/28
    • H04W60/00H04L63/0823H04L63/126H04W8/087H04W12/06H04W40/02H04W74/00H04W80/00H04W80/04
    • A method of facilitating Internet Protocol access by a mobile node to an access Network, the method comprising: sending an attachment request from the mobile node to an access router of the access network, the request containing a mobile node identifier and an Interface Identifier or means for deriving an Interface Identifier, and being signed by the mobile node to allow the message to be authenticated as originating at that mobile node; receiving the request at the access router and authenticating the message there using the signature, and in response to the receipt and authentication of the message, performing a predefined set of tasks delegated to the access node and which are required to facilitate said access; and returning an acknowledgment from the access router to the mobile node confirming the access permission, the acknowledgement containing a network routing prefix and means for authenticating the access router to the mobile node.
    • 一种促进移动节点对接入网络的因特网协议访问的方法,所述方法包括:从所述移动节点向所述接入网络的接入路由器发送附着请求,所述请求包含移动节点标识符和接口标识符或装置 用于导出接口标识符,并且被移动节点签名以允许将该消息认证为源于该移动节点; 在所述接入路由器处接收所述请求并使用所述签名在其上验证所述消息,并且响应于所述消息的接收和认证,执行委托给所述接入节点的预定义的任务集合,并且为便于所述接入而需要该任务; 以及从所述接入路由器返回确认所述访问许可的所述确认,所述确认包含网络路由前缀以及用于认证到所述移动节点的所述接入路由器的装置。